On Mon, Oct 19, 2009 at 05:43:44AM +0200, Polytropon wrote:
> On Sun, 18 Oct 2009 22:23:43 -0500, David Kelly <dke...@hiwaay.net> wrote:
> > When not using a count to indicate how much data is in a char* you
> > should always test for null. Testing for null is not a sure fire way
> > to prevent buffer over runs but its better than nothing.
> There are means like
> #include <assert.h>
> to make sure s is not NULL, or testing for it explicitely like
> ... error handling here ...
You are missing my point that *s == 0 is not a good out of bounds range
> is possible. Furthermore, it is a proven way to give a length
> argument along with the (char *) argument, such as the "new"
> l-functions for strings, e. g. strlcat() and strlcpy(), do.
> char *skiptags(char *s, int l);
> You can even double-check for l begin != 0. Or you employ a
> test with strlen() function-internally.
strlen() knows nothing about the buffer allocation. As I originally
said, testing for null (and my example tested) is not foolproof but its
better than nothing. One should *also* test for the known end of the
David Kelly N4HHE, dke...@hiwaay.net
Whom computers would destroy, they must first drive mad.
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"